Kamoj Add-on 5.1 Beta testing poll

  • ATTENTION! As of November 1, 2020, you will not be able to reply to threads 6 months after the thread is opened. Threads will not be locked, so posts may still be edited by their authors.

Do you want to beta test Kamoj add-on v5.1b1?

  • No, I don't trust 3rd party software

    Votes: 0 0.0%
  • No, I don't use the Voxel firmware

    Votes: 0 0.0%
  • No, I don't like your add-on

    Votes: 0 0.0%

  • Total voters
    182

kamoj

Very Senior Member
New beta available!

**********************************************
* WIREGUARD support for R7800 and R9000 *
**********************************************

Changes in kamoj-addon beta version 5.2b1-1
------------------------------------------------------
- Added WIREGUARD support with GUI for R7800 and R9000
- Added install script for wireguard for R7800
(Voxel has already installed wireguard to R9000)
- Added nvram variable to stop logging to file:
kamoj_vpn_log_disabled
kamoj_wireguard_log_disabled
- DNS Privacy/Ad-Blocking: Restore users dnscrypt-proxy-2.toml at uninstall of add-on. (New try)
- OpenVPN Client: updated. Not possible to start if wireguard is already started.
- Router Information: Added Wireguard
- Router Information: Only show Wireguard and OpenVPN information if started
- Settings: All boot-logs capured earlier during boot

Note that Wireguard is completely different on R7800 and R9000.
I could only test it on R7800, so you beta testers need to inform me about R9000 specifics.
Thank you!
 
Last edited:

Droidrat

Regular Contributor
I need some help with installation (I'm new at this).

I do not have easy physical access to the R7800 router, so I can't use a USB drive; I must install via Telnet.
I downloaded 'kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk' to my workstation
I then uploaded it to https://forumfiles.com/, and obtained the link address.
I uploaded the file to the router, using the command "wget --no-check-certificate [link address]"
I checked the root of the router, using "ls", and see that forumfiles.com has changed the suffix of the file name from ".ipk" to "_ipk"
I therefore rename the file to the original name, using the "mv" command
I verify the renaming of the file, using the "ls" command
I then issue the command /bin/opkg install -V1 --force-overwrite kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk, and receive:

Collected errors:
* deb_extract: kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk: invalid magic
* pkg_init_from_file: Failed to extract control file from kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk.
Can someone please correct my syntax (or my process). TIA
 

kamoj

Very Senior Member
You are doing great, and inspire others to use your hints!

What is the output from:
Code:
\ls -al kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk
Is the size of the file the same as in download site?
Maybe forumfiles expects only multi-media files?
I need some help with installation (I'm new at this).

I do not have easy physical access to the R7800 router, so I can't use a USB drive; I must install via Telnet.
I downloaded 'kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk' to my workstation
I then uploaded it to https://forumfiles.com/, and obtained the link address.
I uploaded the file to the router, using the command "wget --no-check-certificate [link address]"
I checked the root of the router, using "ls", and see that forumfiles.com has changed the suffix of the file name from ".ipk" to "_ipk"
I therefore rename the file to the original name, using the "mv" command
I verify the renaming of the file, using the "ls" command
I then issue the command /bin/opkg install -V1 --force-overwrite kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk, and receive:

Collected errors:
* deb_extract: kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk: invalid magic
* pkg_init_from_file: Failed to extract control file from kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk.
Can someone please correct my syntax (or my process). TIA
 

Droidrat

Regular Contributor
What is the output from:
Code:
\ls -al kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk
Is the size of the file the same as in download site?
Maybe forumfiles expects only multi-media files?
-rw-r--r-- 1 root root 10041 Apr 23 02:00 kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk
 

jrbmw

Regular Contributor
I need some help with installation (I'm new at this).

I do not have easy physical access to the R7800 router, so I can't use a USB drive; I must install via Telnet.
I downloaded 'kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk' to my workstation
I then uploaded it to https://forumfiles.com/, and obtained the link address.
I uploaded the file to the router, using the command "wget --no-check-certificate [link address]"
I checked the root of the router, using "ls", and see that forumfiles.com has changed the suffix of the file name from ".ipk" to "_ipk"
I therefore rename the file to the original name, using the "mv" command
I verify the renaming of the file, using the "ls" command
I then issue the command /bin/opkg install -V1 --force-overwrite kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk, and receive:

Collected errors:
* deb_extract: kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk: invalid magic
* pkg_init_from_file: Failed to extract control file from kamoj-addon_200418-220219-5.2b1-1_ipq806x.ipk.
Can someone please correct my syntax (or my process). TIA
I did the same download but without the no-check certificate in the code and it loaded ok and was the same size as the download site.Unfortunately got the same error as you when I tried to install
Fortunately I can use a usb stick and after a few tries it worked.Used fat32 on the stick as couldnt work out how to put the addon on the stick using windows when formatted with ext 4.

@kamoj Thanks for the tutorial, vpn sorted ...eventually..Regards
 

Droidrat

Regular Contributor
So the file has wrong size. Should be about 200 Kb.
Try another file storage to upload/download from!
It is interesting. ForumFiles downloads correctly to the hard drive of my workstation (as does OneDrive and Google Drive), but does not download correctly to the router. In fact, each download service results in a very different file size on the router.

What I would like is a curl command that would enable me to transfer the file from a local drive to the router, via Telnet. That should be simple (and I assume it is doable), but I lack a sufficient knowledge of Linux to be able to implement it.
 

spocko

Occasional Visitor
Here's the method I use to install the addon:
1. Download the addon to my Windows PC
2. Run a tftp server on my PC, for example tftpd32: https://tftpd32.jounin.net/
3. Point tftp server to folder where addon was downloaded
4. Telnet into router
5. Change into temporary folder: $ cd /tmp
6. Transfer addon to router using tftp: $ tftp -g -r filename ip.address.of.pc
7. Install addon per Kamoj instructions
 

Droidrat

Regular Contributor
Here's the method I use to install the addon:
1. Download the addon to my Windows PC
2. Run a tftp server on my PC, for example tftpd32: https://tftpd32.jounin.net/
3. Point tftp server to folder where addon was downloaded
4. Telnet into router
5. Change into temporary folder: $ cd /tmp
6. Transfer addon to router using tftp: $ tftp -g -r filename ip.address.of.pc
7. Install addon per Kamoj instructions
Awesome ! That worked. Thank you.
 

KW.

Regular Contributor
I love it! I've tested Kamojs addon and Wireguard on my r9000 and get very fast internet speed. It was very easy set up. Just copied the text in my config file to were it should be copied and it works and as I said is very fast.



New beta available!

**********************************************
* WIREGUARD support for R7800 and R9000 *
**********************************************

Changes in kamoj-addon beta version 5.2b1-1
------------------------------------------------------
- Added WIREGUARD support with GUI for R7800 and R9000
- Added install script for wireguard for R7800
(Voxel has already installed wireguard to R9000)
- Added nvram variable to stop logging to file:
kamoj_vpn_log_disabled
kamoj_wireguard_log_disabled
- DNS Privacy/Ad-Blocking: Restore users dnscrypt-proxy-2.toml at uninstall of add-on. (New try)
- OpenVPN Client: updated. Not possible to start if wireguard is already started.
- Router Information: Added Wireguard
- Router Information: Only show Wireguard and OpenVPN information if started
- Settings: All boot-logs capured earlier during boot

Note that Wireguard is completely different on R7800 and R9000.
I could only test it on R7800, so you beta testers need to inform me about R9000 specifics.
Thank you!
 

sreggy

New Around Here
Hi,
I did test with the following config
Code:
#!/bin/sh
route add -net 192.168.1.1 netmask 255.255.255.255 gw 192.168.0.1
ip route flush cache
Code:
#!/bin/sh
ip addr add 192.168.1.10/24 dev $(nvram get wan_ifname) brd +
sleep 5
iptables -I POSTROUTING -t nat -o $(nvram get wan_ifname) -d 192.168.1.0/24 -j MASQUERADE
Code:
#!/bin/sh
ifconfig $(nvram get wan_ifname):1 192.168.1.10 netmask 255.255.255.0
iptables -t nat -I POSTROUTING -o $(nvram get wan_ifname) -d 192.168.1.0/24 -j MASQUERADE

but with no success, tracing with a TCPDUMP

Code:
~ # tcpdump -i brwan -p icmp
tcpdump: WARNING: brwan: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on brwan, link-type EN10MB (Ethernet), capture size 96 bytes

00:27:26.939469 IP 192.168.1.10 > zyxel.saruman: ICMP echo request, id 36669, seq 0, length 64
00:27:26.939937 IP zyxel.saruman > 192.168.1.10: ICMP echo reply, id 36669, seq 0, length 64
00:27:26.940156 IP 192.168.1.10 > zyxel.saruman: ICMP 192.168.1.10 protocol 1 port 58990 unreachable, length 92

00:27:27.939531 IP 192.168.1.10 > zyxel.saruman: ICMP echo request, id 36669, seq 1, length 64
00:27:27.939875 IP zyxel.saruman > 192.168.1.10: ICMP echo reply, id 36669, seq 1, length 64
00:27:27.940031 IP 192.168.1.10 > zyxel.saruman: ICMP 192.168.1.10 protocol 1 port 25672 unreachable, length 92

00:27:28.940125 IP 192.168.1.10 > zyxel.saruman: ICMP echo request, id 36669, seq 2, length 64
00:27:28.968616 IP zyxel.saruman > 192.168.1.10: ICMP echo reply, id 36669, seq 2, length 64
00:27:28.968772 IP 192.168.1.10 > zyxel.saruman: ICMP 192.168.1.10 protocol 1 port 12357 unreachable, length 92
seems that something goes wrong ...

Could anyone help ...

Thanks, regarda
Stefano

... and finally after some test and headache here the solution ...
first of all, my firmware @Voxel v. 1.0.2.76.1SF (really thanks to @Voxel ), than configuration:

add secondary IP to wan interface:
Code:
ip addr add 192.168.1.10/24 dev $(nvram get wan_ifname) brd +
I've added it to post-mount.sh located in /mnt/sda1/autorun/scripts

add iptables rule for forwarding
Code:
iptables -I INPUT -i $(nvram get wan_ifname) -j ACCEPT
iptables -I OUTPUT -j ACCEPT
iptables -I FORWARD 2 -i $(nvram get wan_ifname) -j ACCEPT
iptables -I FORWARD -i $(nvram get lan_ifname) -o $(nvram get wan_ifname) -j ACCEPT
iptables -I FORWARD -i $(nvram get wan_ifname) -o $(nvram get lan_ifname) -j ACCEPT
add iptables rule for NAT to reach modem from also from LAN
Code:
iptables -t nat -A POSTROUTING -o $(nvram get wan_ifname) -j MASQUERADE
I've added all iptables rules to a new script firewall-start-modem.sh located in /opt/scripts

so here we are ...
Code:
scripts # ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: icmp_seq=0 ttl=254 time=0.5 ms
64 bytes from 192.168.1.1: icmp_seq=1 ttl=254 time=0.5 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=254 time=0.5 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=254 time=0.5 ms
Happy if useful for someone ...
-stefano
 
Last edited:

R9000

New Around Here
Hello, thank to kamoj today I've installed the new beta version 5.2b1-1 after updated Voxel firmware to R9000-V1.0.4.40HF. Of course, my router is the Netgear R9000.
I'm trying it from just some hours, so I didn't an extensive test but I have some questions about some problems:
1. How to configure WireGuard client gui? I'm sure that it is something I've not understood but if I click on "Get all configuration files" it doesn't do anything. How can I configure with PIA? OpenVPN configuration works well.
2. I've configured OpenVPN and it works very well. It is faster than V.5. I've activated the Turbo On option. What does it means? How does it works? Is it like an overclock? Any risks?
3. I've noticed a problem with OpenVPN bypass and Killswitch on. None of connected bypassed devices have connections with Killswitch on. I don't know if it should work in this way. But to have internet connection on bypassed devices I have to turn off Killswitch.

Anyway, as always, thanks a lot Kamoj for your work, I really appreciate it! I hope I've helped you with my questions.
bye
 
Last edited:

Trot

New Around Here
Same question on WireGuard for my Netgear R9000 router ;) !
Is it possible ton put the new NordLynx system (1) ?

Thank you @kamoj for your work on @Voxel firmware

(1) NordLynx is the technology NordVPN built around the WireGuard® VPN protocol. It lets you experience WireGuard’s speed benefits without compromising your privacy.

Hello, thank to kamoj today I've installed the new beta version 5.2b1-1 after updated Voxel firmware to R9000-V1.0.4.40HF. Of course, my router is the Netgear R9000.
I'm trying it from just some hours, so I didn't an extensive test but I have some questions about some problems:
1. How to configure WireGuard client gui? I'm sure that it is something I've not understood but if I click on "Get all configuration files" it doesn't do anything. How can I configure with PIA? OpenVPN configuration works well.
2. I've configured OpenVPN and it works very well. It is faster than V.5. I've activated the Turbo On option. What does it means? How does it works? Is it like an overclock? Any risks?
3. I've noticed a problem with OpenVPN bypass and Killswitch on. None of connected bypassed devices have connections with Killswitch on. I don't know if it should work in this way. But to have internet connection on bypassed devices I have to turn off Killswitch.

Anyway, as always, thanks a lot Kamoj for your work, I really appreciate it! I hope I've helped you with my questions.
bye
 

kamoj

Very Senior Member
First thank you for all interest! :D
Then I'm sorry for being so bad to explain or write instructions:oops:

For wireguard there is a completely new concept.
There is no longer "one" configuration file that everyone can use.
Now you generate your own configuration files with your own private encryption key.
This key is not available to public, so the add-on can not do it.

You might have inserted a USB device with new configurations (in e.g. /mnt/sda1/wireguard-client) since you opened the wireguard window.
Then you use "Get all configuration files" scans the configuration file storage to find all files.
Or simply reload the web-page!

So a short wireguard instruction:
  1. You have to generate the configuration file according to your vpn/wireguard providers instructions.
    They are all different, and most providers have more than one way to do it.
    So I can not help you with this.
    But you don't need any special file for routers or so, any standard config file generated for you personally should be good.
  2. Then open this file in a text editor and copy the contents to the kamoj add-on wireguard window,
    where you can read the text "Type or Paste your configuration file contents here."
  3. Set a suitable name for you configuration file in the "Configuration name" box.
  4. Click "Create/Save VPN configuration" to save the configuration.
  5. Select your configuration in the "Select and Run WireGuard Client Configuration" drop-down box,
    and click "Start Wireguard Client with this"
I hope that someone in the community can help me (and Voxel... ;) ) with creating some kind of help files/instructions.
I will then "later" include these instruction so that they are available in the GUI, just to click "Help".

Hope this clears things up, and happy wireguarding!!!

PS
I'll shortly upload a new beta version solving a problem to get internet connection after a reboot with wireguard activated,
and some more features.
 

kamoj

Very Senior Member
Thank you for the appreciation! :cool:

1. It just re-read the configuration directory for your files. See post above.
2. It depends on router. For the R7800 it maximizes cpu frequency and governor and network. For R9000 just network.
But no overclocking. I have noticed 2 degrees lower temperature for my R7800 with turbo off, but much slower performance.
3. The Killswitch is killswitch. It's absolutely not compatible with bypassing.

Hello, thank to kamoj today I've installed the new beta version 5.2b1-1 after updated Voxel firmware to R9000-V1.0.4.40HF. Of course, my router is the Netgear R9000.
I'm trying it from just some hours, so I didn't an extensive test but I have some questions about some problems:
1. How to configure WireGuard client gui? I'm sure that it is something I've not understood but if I click on "Get all configuration files" it doesn't do anything. How can I configure with PIA? OpenVPN configuration works well.
2. I've configured OpenVPN and it works very well. It is faster than V.5. I've activated the Turbo On option. What does it means? How does it works? Is it like an overclock? Any risks?
3. I've noticed a problem with OpenVPN bypass and Killswitch on. None of connected bypassed devices have connections with Killswitch on. I don't know if it should work in this way. But to have internet connection on bypassed devices I have to turn off Killswitch.

Anyway, as always, thanks a lot Kamoj for your work, I really appreciate it! I hope I've helped you with my questions.
bye
 

kamoj

Very Senior Member
New beta available!

Changes in kamoj-addon beta version 5.2b2-1
------------------------------------------------------
- OpenVPN Client: Synchronization of time added
- OpenVPN Client: Configurable delay at start of openvpn-client
(Use if you can not connect to internet after booting with openvpn client activated.)
- Wireguard Client: Added: Configuration file name to log file
- Wireguard Client: Added to wireguard status: priority and affinity
- Wireguard Client: Synchronization of time added
- Wireguard Client: Configurable delay at start of wg-client
(Use if you can not connect to internet after booting with wireguard client activated.)
- Settings: Automatic restart of kamoj cron jobs after add-on re-installation
- Settings: Added: (Show all) cron jobs
- Added documentation:
release_notes.txt
FAQ.txt
 
Last edited:

R9000

New Around Here
Thank you for the appreciation! :cool:

1. It just re-read the configuration directory for your files. See post above.
2. It depends on router. For the R7800 it maximizes cpu frequency and governor and network. For R9000 just network.
But no overclocking. I have noticed 2 degrees lower temperature for my R7800 with turbo off, but much slower performance.
3. The Killswitch is killswitch. It's absolutely not compatible with bypassing.
thanks for your reply! I will check the different temperatures with turbo off and on, but I can confirm that it works faster with turbo on. I don't think I will find out too many differences in temperature if it works only network performance on R9000.
I've also understood the killswitch feature, thank you. very much. It is more clear now!
I will try to contact my vpn provider (PIA) to generate the configuration file of WireGuard, but it seems that they prioritize their app above all. If anyone has advices how to get a configuration file from PIA is more than welcome and I thank you!

UPDATE: I've just finished chatting with my vpn provider. No configuration file for now. They will update that in the "near" future. I have to use OpenVPN for now.
 
Last edited:

kamoj

Very Senior Member
Some vpn providers like PIA and NordVPN are not ready yet, it seems.
Others like AzireVPN, Mullvad VPN and Integrity VPN are up and running and no problem to get configuration files.

These "slow start" very big providers may see a chance to charge you extra money for each device more than e.g. 5.
If you use the router functionality for wireguard they have no control of how many clients you have.

So get another provider or keep nagging your provider untill they give you what you need - a configuration file -
not another application for each of your devices.
Same question on WireGuard for my Netgear R9000 router ;) !
Is it possible ton put the new NordLynx system (1) ?

Thank you @kamoj for your work on @Voxel firmware

(1) NordLynx is the technology NordVPN built around the WireGuard® VPN protocol. It lets you experience WireGuard’s speed benefits without compromising your privacy.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top